MEDIUM4.9CVE-2024-53257Vitess allows HTML injection in /debug/querylogz and /debug/env in vitess.io/vitess from 0, < 0.19.8, >= 0.20.0, < 0.20.4, >= 0.21.0, < 0.21.1
MEDIUM4.9CVE-2024-53257Vitess allows HTML injection in /debug/querylogz and /debug/env in vitess.io/vitess >= 0.21.0-rc1, < 0.21.1
MEDIUM4.9CVE-2024-32886Denial of service attack by triggering unbounded memory usage in vitess.io/vitess from 0, < 0.17.7, >= 0.18.0, < 0.18.5, >= 0.19.0, < 0.19.4
MEDIUM4.9Denial of service attack by triggering unbounded memory usage in vitess.io/vitess
from 0, < 0.17.7
MEDIUM4.1VTAdmin users that can create shards can deny access to other functions
from 0, < 0.16.2
MEDIUM4.1Improper handling of keyspaces in vitess.io/vitess
from 0, < 0.16.1
MEDIUM4.1Improper handling of keyspaces in vitess.io/vitess
from 0, < 0.16.1
—Vitess users with backup storage access can write to arbitrary file paths in vitess.io/vitess
>= 0.23.0-rc1, < 0.23.3
—Vitess users with backup storage access can write to arbitrary file paths in vitess.io/vitess
from 0, < 0.22.4, >= 0.23.0-rc1, < 0.23.3
—Vitess users can gain unauthorized access to production deployment environments in vitess.io/vitess
from 0, < 0.22.4, >= 0.23.0, < 0.23.3
—Vitess users can gain unauthorized access to production deployment environments in vitess.io/vitess
from 0, <= 0.23.2